Inactive [A] Win64/Patched.A on services.exe

Status
Not open for further replies.
T

tmx92

Posts: 10   +0
Hello,

Above all, sorry for my bad English but I am french. :)

I have a little problem with my computer, I think it is infected. I have actually seen that the previous malware removal topic concerns the same subject, notwithstanding I imagine it depends on the computer.

In fact, AVG Antivirus Free tells me every twenty minutes services.exe is infected with this thing Patched.A and I do not really know what to do because I imagine services.exe is a main file which could cause malfunction if altered. Besides, AVG permits me to remove this threat but explains it can induce instability, so I am careful.

Thanks for your help in advance.
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==============================

What Windows version is it?
 
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Next...

Re-run FRST again.
Type the following in the edit box after "Search:".

services.exe

Click Search button and post the log (Search.txt) it makes in your reply.

I'll expect two logs:
- FRST.txt
- Search.txt
 
Here are the logs :

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012
Ran by Système at 04-11-2012 00:34:40
Running from G:\
Windows 7 Home Premium (X64) OS Language: French Standard
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [9636896 2009-12-16] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [x]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [171520 2011-01-23] (Sun Microsystems, Inc.)
HKLM\...\Run: [ProxyCap] C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe [x]
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-21] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [320880 2009-08-26] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2596984 2012-07-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKU\Tom\...\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-01-23] (Google Inc.)
HKU\Tom\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1353080 2012-10-14] (Valve Corporation)
HKU\Tom\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
HKU\Tom\...\Run: [Facebook Update] "C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-12] (Facebook Inc.)
HKU\Tom\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671904 2012-08-28] (DT Soft Ltd)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Services (Whitelisted) ===================

3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" [5167736 2012-08-13] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" [259192 2011-01-29] (Sony Corporation)
3 SOHDBSvr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe" [70952 2009-10-15] (Sony Corporation)
3 SOHPlMgr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe" [91432 2009-10-15] (Sony Corporation)
2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2009-09-14] (Sony Corporation)
2 VzCdbSvc; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" [206336 2009-09-14] (Sony Corporation)
3 wampapache; "C:\wamp\bin\apache\apache2.4.2\bin\httpd.exe" -k runservice [24576 2012-05-13] (Apache Software Foundation)
3 wampmysqld; C:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe wampmysqld [9693696 2012-04-19] ()
2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [x]

==================== Drivers (Whitelisted) =====================

3 ArcSoftKsUFilter; C:\Windows\System32\Drivers\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [291680 2012-07-26] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [384352 2012-08-24] (AVG Technologies CZ, s.r.o.)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-10-06] (DT Soft Ltd)
3 MFWAMIDI64; C:\Windows\System32\Drivers\MFWAMIDI64.sys [32368 2011-11-09] (Mark of the Unicorn)
3 MFWAWAVE64; C:\Windows\System32\Drivers\MFWAWAVE64.sys [82544 2011-11-09] (Mark of the Unicorn)
3 motubus; C:\Windows\System32\drivers\MotuBus64.sys [29808 2011-11-09] (Mark of the Unicorn)
3 MotuFWA64; C:\Windows\System32\Drivers\MotuFWA64.sys [607856 2011-11-09] (Mark of the Unicorn)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-04 00:34 - 2012-11-04 00:34 - 00000000 ____D C:\FRST
2012-11-03 23:59 - 2012-11-04 00:00 - 01459963 ____A (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2012-11-03 23:46 - 2012-11-03 23:56 - 00000000 ____D C:\bhigi
2012-11-03 23:41 - 2012-11-03 23:41 - 00000000 ____D C:\Users\Tom\AppData\Local\{6B361853-EF39-4065-A014-3D66FB6A0601}
2012-11-03 22:54 - 2012-11-03 22:55 - 00000000 ____D C:\Users\Tom\Desktop\gar
2012-11-03 22:54 - 2012-11-03 22:54 - 00153498 ____A C:\Users\Tom\Downloads\Exercice2 (2).7z
2012-11-03 22:53 - 2012-11-03 22:53 - 00003258 ____A C:\Users\Tom\Downloads\source (1).cpp
2012-11-03 22:23 - 2012-11-04 00:06 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Adobe
2012-11-03 22:23 - 2012-11-03 22:23 - 00000000 ____D C:\Users\Tom\AppData\Local\Adobe
2012-11-03 22:23 - 2012-11-03 22:23 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-03 21:47 - 2012-11-03 21:47 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Malwarebytes
2012-11-03 21:47 - 2012-11-03 21:47 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-03 21:40 - 2012-11-03 21:45 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Tom\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-03 00:31 - 2012-11-03 00:31 - 01989584 ____A C:\Users\Tom\Downloads\compromis.zip
2012-11-03 00:27 - 2012-11-03 00:27 - 01007695 ____A C:\Users\Tom\Downloads\en_Cours.zip
2012-11-03 00:26 - 2012-11-03 00:26 - 02643178 ____A C:\Users\Tom\Downloads\info_reçues.zip
2012-11-01 23:29 - 2012-11-01 23:36 - 00000000 ____D C:\Users\Tom\AppData\Local\Adobe-BackupByPhotoshopCS5Portable
2012-11-01 21:30 - 2012-11-01 21:30 - 00014322 ____A C:\Users\Tom\Downloads\IP liste (1).xlsx
2012-11-01 20:51 - 2012-11-01 20:51 - 00014322 ____A C:\Users\Tom\Downloads\IP liste.xlsx
2012-11-01 19:14 - 2012-11-01 19:14 - 00012065 ____A C:\Users\Tom\Downloads\Comparaison Devis.xlsx
2012-11-01 18:41 - 2012-11-01 18:42 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (5).eps
2012-11-01 15:54 - 2012-11-01 16:23 - 855283909 ____A C:\Users\Tom\Downloads\1351764814_gala_2012.zip
2012-10-31 23:40 - 2012-11-01 00:10 - 00255081 ____A C:\MGlogs.zip
2012-10-31 23:40 - 2012-11-01 00:10 - 00000000 ____D C:\MGtools
2012-10-31 23:39 - 2012-10-31 23:39 - 01863385 ____A C:\MGtools.exe
2012-10-31 12:12 - 2012-10-31 12:12 - 01533731 ____A C:\Users\Tom\Downloads\devis_ecole_d_ing__nieurs_ponts_et_chauss__es_30_03_13.xlsx
2012-10-29 23:04 - 2012-10-29 23:04 - 00004824 ____A C:\Users\Tom\Downloads\s0nkite_Spiderman_pattern.zip
2012-10-29 20:58 - 2012-10-31 12:20 - 00000000 ____D C:\Users\All Users\SweetIM
2012-10-29 20:58 - 2012-10-31 12:20 - 00000000 ____D C:\Program Files (x86)\SweetIM
2012-10-29 20:47 - 2012-10-29 20:50 - 00000000 ____D C:\Users\Tom\zc
2012-10-29 20:22 - 2012-10-29 20:22 - 00000121 ____A C:\Windows\SysWOW64\DivFix.ini
2012-10-29 20:18 - 2012-10-29 20:18 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-10-29 20:18 - 2012-10-29 20:18 - 00000000 ____A C:\Windows\SysWOW64\DivFix.log
2012-10-29 20:16 - 2012-10-29 20:16 - 00273342 ____A C:\Users\Tom\Downloads\DivFix110.zip
2012-10-29 20:10 - 2012-10-29 20:10 - 00000000 ____D C:\Program Files (x86)\FDRLab
2012-10-29 20:07 - 2012-10-29 20:07 - 00000000 ____D C:\Users\Tom\tts
2012-10-29 13:17 - 2012-10-29 13:17 - 00002211 ____A C:\Users\Public\Desktop\Raptor - Call of the Shadows.lnk
2012-10-29 13:17 - 2012-10-29 13:17 - 00000000 ____D C:\Program Files (x86)\GOG.com
2012-10-29 11:01 - 2012-10-29 11:01 - 00000000 ____D C:\Users\Tom\AppData\Local\{559B5E1F-7FB9-44E4-8229-2BDB89154309}
2012-10-28 12:52 - 2012-10-28 12:55 - 00000262 ____A C:\Windows\CCMOUSE.INI
2012-10-28 12:52 - 2012-10-28 12:52 - 00000000 ____D C:\Cmouse
2012-10-28 12:51 - 2012-10-28 12:51 - 00144107 ____A C:\Users\Tom\Downloads\cmouse.zip
2012-10-28 12:37 - 2012-10-28 12:37 - 00166912 ____A C:\Users\Tom\Downloads\MidiYokeSetup.msi
2012-10-28 12:34 - 2012-10-28 12:37 - 00000000 ____D C:\Program Files (x86)\Pvm
2012-10-28 12:34 - 2012-10-28 12:34 - 02260619 ____A C:\Users\Tom\Downloads\PVMsetup.exe
2012-10-28 12:33 - 2012-10-28 12:33 - 00810857 ____A (Conduit) C:\Users\Tom\Downloads\01net_Piano_Virtuel_Midi.exe
2012-10-27 23:12 - 2012-10-28 11:21 - 00000000 ____D C:\Users\Tom\AppData\Local\{79072B6D-E097-4212-8E45-978943F446CC}
2012-10-27 22:36 - 2012-10-28 12:03 - 00000000 ____D C:\Users\Tom\AppData\Local\Native Instruments
2012-10-27 22:32 - 2012-10-28 12:03 - 00000000 ____D C:\Users\Tom\Documents\Native Instruments
2012-10-27 22:18 - 2012-10-27 22:18 - 00000000 ___DC C:\Users\All Users\{D8A28F10-6563-43AC-A9A6-278CB7631D2B}
2012-10-27 22:17 - 2012-10-27 22:17 - 00001027 ____A C:\Users\Public\Desktop\Reaktor 5.lnk
2012-10-27 22:17 - 2012-10-27 22:17 - 00000000 __HDC C:\Users\All Users\{DE181BBE-2522-484E-A620-BDCFB298DC87}
2012-10-27 22:08 - 2012-10-27 22:08 - 00001008 ____A C:\Users\Public\Desktop\Massive.lnk
2012-10-27 22:08 - 2012-10-27 22:08 - 00000000 __HDC C:\Users\All Users\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
2012-10-27 22:06 - 2012-10-27 22:06 - 00001032 ____A C:\Users\Public\Desktop\Kontakt 5.lnk
2012-10-27 22:06 - 2012-10-27 22:06 - 00000000 __HDC C:\Users\All Users\{34B6291D-C0D7-4BAF-B634-1D130C96F9F9}
2012-10-27 22:00 - 2012-10-27 22:00 - 00001062 ____A C:\Users\Public\Desktop\Guitar Rig 5.lnk
2012-10-27 22:00 - 2012-10-27 22:00 - 00000000 __HDC C:\Users\All Users\{DD2792B0-5B90-4CC3-8D97-1C733D7FB366}
2012-10-27 21:57 - 2012-10-27 21:57 - 00000960 ____A C:\Users\Public\Desktop\FM8.lnk
2012-10-27 21:57 - 2012-10-27 21:57 - 00000000 __HDC C:\Users\All Users\{3006A797-CDFA-44FC-98EF-155579E2CDBF}
2012-10-27 21:56 - 2012-10-27 21:56 - 00001032 ____A C:\Users\Public\Desktop\Battery 3.lnk
2012-10-27 21:56 - 2012-10-27 21:56 - 00000000 __HDC C:\Users\All Users\{E9CDB61C-771D-42BB-B441-4CA7622ACA52}
2012-10-27 21:54 - 2012-10-27 21:54 - 00001032 ____A C:\Users\Public\Desktop\Absynth 5.lnk
2012-10-27 21:54 - 2012-10-27 21:54 - 00000000 __HDC C:\Users\All Users\{C2A88E6D-FA3D-462B-BDFF-A09B1EFA8FBE}
2012-10-27 21:41 - 2012-10-27 22:18 - 00000000 ____D C:\Program Files\Native Instruments
2012-10-27 21:41 - 2012-10-27 22:03 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2012-10-27 21:41 - 2012-10-27 21:41 - 00001077 ____A C:\Users\Public\Desktop\Service Center.lnk
2012-10-27 21:41 - 2012-10-27 21:41 - 00000000 __HDC C:\Users\All Users\{EB3B2B5B-0AEF-45F3-B397-76DE53F83140}
2012-10-27 21:41 - 2012-10-27 21:41 - 00000000 ____D C:\Users\All Users\Native Instruments
2012-10-26 17:49 - 2012-10-26 17:49 - 00153498 ____A C:\Users\Tom\Downloads\Exercice2.7z
2012-10-26 16:59 - 2012-10-26 16:59 - 00153498 ____A C:\Users\Tom\Downloads\Exercice2 (1).7z
2012-10-26 02:23 - 2012-10-26 02:23 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2012-10-26 02:23 - 2012-10-26 02:23 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2012-10-25 14:21 - 2012-10-25 14:21 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (4).eps
2012-10-25 14:21 - 2012-10-25 14:21 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (3).eps
2012-10-24 00:31 - 2012-10-24 00:31 - 01110476 ____A C:\Users\Tom\Downloads\7z920 (1).exe
2012-10-23 21:12 - 2012-10-23 21:12 - 00000000 ____D C:\Users\Tom\AppData\Local\Trolltech
2012-10-23 20:50 - 2012-10-23 20:50 - 00000000 ____D C:\Users\Tom\Documents\Informatique
2012-10-23 20:44 - 2012-10-23 20:44 - 00002839 ____A C:\Users\Tom\Downloads\Tp2_Initial.zip
2012-10-23 20:43 - 2012-10-23 20:43 - 22179113 ____A C:\Users\Tom\Downloads\Imagine++-4.0.1-win32_vc10.exe
2012-10-23 20:43 - 2012-10-23 20:43 - 00000000 ____D C:\Program Files (x86)\Imagine++
2012-10-23 20:37 - 2012-10-23 20:37 - 00000000 ____D C:\Qt
2012-10-23 20:34 - 2012-10-23 20:34 - 245546472 ____A C:\Users\Tom\Downloads\qt-win-opensource-4.8.3-vs2010.exe
2012-10-23 20:33 - 2012-10-23 20:33 - 09372127 ____A C:\Users\Tom\Downloads\cmake-2.8.9-win32-x86.exe
2012-10-23 20:33 - 2012-10-23 20:33 - 00000000 ____D C:\Program Files (x86)\CMake 2.8
2012-10-23 20:15 - 2012-10-23 20:15 - 00003490 ____A C:\Users\Tom\Downloads\Tp2_Final.zip
2012-10-23 20:12 - 2012-11-03 23:01 - 00000000 ____D C:\Users\Tom\Documents\Visual Studio 2010
2012-10-23 20:10 - 2012-10-23 20:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2012-10-23 20:09 - 2012-10-23 20:09 - 00000000 ____D C:\Windows\symbols
2012-10-23 20:09 - 2012-10-23 20:09 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2012-10-23 20:09 - 2012-10-23 20:09 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2012-10-23 20:09 - 2012-10-23 20:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2012-10-23 20:07 - 2012-10-26 02:29 - 01648898 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-10-23 20:03 - 2012-10-23 20:03 - 03359048 ____A (Microsoft Corporation) C:\Users\Tom\Downloads\vc_web.exe
2012-10-23 20:02 - 2012-10-23 20:02 - 00950144 ____A (Microsoft Corporation) C:\Users\Tom\Downloads\win8express_full.exe
2012-10-23 20:00 - 2012-10-23 20:00 - 00000000 ____D C:\Users\Tom\Documents\Visual Studio 2008
2012-10-23 19:57 - 2012-10-23 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2012-10-23 19:56 - 2012-10-23 19:56 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2012-10-23 19:56 - 2012-10-23 19:56 - 00000000 ____D C:\Program Files\Microsoft SDKs
2012-10-23 19:54 - 2012-10-23 19:54 - 02722296 ____A (Microsoft Corporation) C:\Users\Tom\Downloads\vcsetup.exe
2012-10-20 14:36 - 2012-10-20 14:36 - 00000000 ____D C:\Users\Tom\AppData\Local\{02764E9B-DE1D-4BD1-872F-96A8B72433B0}
2012-10-19 23:31 - 2012-10-19 23:31 - 00002070 ____A C:\Users\Tom\Desktop\Dishonored.lnk
2012-10-19 23:31 - 2012-10-19 23:31 - 00000000 ____D C:\Users\Tom\Documents\My Games
2012-10-19 23:31 - 2012-10-19 23:31 - 00000000 ____D C:\Users\All Users\RELOADED
2012-10-19 22:13 - 2012-10-19 22:13 - 02484662 ____A C:\Users\Tom\Documents\gdp.bmp
2012-10-18 01:32 - 2012-10-18 01:32 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (2).eps
2012-10-18 01:32 - 2012-10-18 01:32 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (1).eps
2012-10-18 01:32 - 2012-10-18 01:32 - 05113096 ____A C:\Users\Tom\Documents\ecole_ponts_CMJN (2).eps
2012-10-15 15:59 - 2012-10-15 15:59 - 00163837 ____A C:\Users\Tom\Downloads\pas-edt.zip
2012-10-15 11:53 - 2012-10-15 11:53 - 00387774 ____A C:\Users\Tom\Downloads\EmploiDuTemps.tgz
2012-10-14 16:08 - 2012-10-14 16:08 - 00000000 ____D C:\Users\Tom\AppData\Local\{0E2E2845-FE93-4A73-80B1-982CD500C786}
2012-10-14 15:47 - 2012-10-14 15:47 - 14034051 ____A C:\Users\Tom\Downloads\freedom-20120927-01 (1).exe
2012-10-14 15:41 - 2012-10-14 15:41 - 00383849 ____A C:\Users\Tom\Downloads\Steam Offline Fix 3dot0-19347-3-0.7z
2012-10-14 14:57 - 2012-10-14 14:57 - 00000000 ____D C:\Users\Tom\AppData\Local\{29E01B53-E59E-45F4-9EB9-C39F15FFED82}
2012-10-14 14:54 - 2012-10-14 16:44 - 00000000 ____D C:\Users\Tom\AppData\Local\Your Freedom
2012-10-14 14:53 - 2012-10-14 14:53 - 14034051 ____A C:\Users\Tom\Downloads\freedom-20120927-01.exe
2012-10-14 14:52 - 2012-10-14 14:52 - 05159424 ____A C:\Users\Tom\Downloads\pcap503_x64 (1).msi
2012-10-14 14:52 - 2012-10-14 14:52 - 03598848 ____A C:\Users\Tom\Downloads\pcap503_x86 (1).msi
2012-10-13 18:34 - 2012-10-13 18:34 - 00000000 ____D C:\Users\Tom\AppData\Local\{8DE97D5E-A039-4AD0-86A8-D4D77CDFC9B0}
2012-10-13 18:25 - 2012-10-13 18:25 - 03598848 ____A C:\Users\Tom\Downloads\pcap503_x86.msi
2012-10-13 18:25 - 2012-10-13 18:25 - 00000000 ____D C:\Program Files\Proxy Labs
2012-10-13 18:24 - 2012-10-13 18:24 - 05159424 ____A C:\Users\Tom\Downloads\pcap503_x64.msi
2012-10-13 18:11 - 2012-10-13 18:11 - 03822952 ____A (Initex ) C:\Users\Tom\Downloads\ProxifierSetup.exe
2012-10-13 18:11 - 1997-06-06 14:52 - 00011264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2012-10-13 17:09 - 2012-10-13 17:09 - 00000000 ____D C:\Users\Tom\AppData\Local\{96D8BBFC-6818-4A7E-9F14-BDBA5773D6AE}
2012-10-13 16:32 - 2012-10-13 16:32 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2012-10-13 14:09 - 2012-10-13 17:16 - 00000000 ____D C:\Program Files\Dishonored
2012-10-12 10:07 - 2012-10-12 10:07 - 16833432 ____A C:\Users\Tom\Downloads\Adobe_Reader_9.0_Lite_ENG.exe
2012-10-12 10:04 - 2012-10-12 10:04 - 00373488 ____A (Softonic) C:\Users\Tom\Downloads\SoftonicDownloader_pour_pdf-xchange-viewer-portable.exe
2012-10-12 09:50 - 2012-10-12 09:50 - 02449458 ____A C:\Users\Tom\Downloads\so.eps
2012-10-12 09:13 - 2012-10-12 09:13 - 00000000 ____D C:\Users\Tom\AppData\Local\{F215E6D1-C840-493B-9524-E15BDE7C5197}
2012-10-11 17:06 - 2012-08-31 19:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-11 17:06 - 2012-08-30 19:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-11 17:06 - 2012-08-30 18:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-11 17:06 - 2012-08-30 18:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-11 17:06 - 2012-08-20 19:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-11 17:06 - 2012-08-20 19:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-11 17:06 - 2012-08-20 19:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-11 17:06 - 2012-08-20 19:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-11 17:06 - 2012-08-20 19:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-11 17:06 - 2012-08-20 19:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-11 17:06 - 2012-08-20 19:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-11 17:06 - 2012-08-20 19:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-11 17:06 - 2012-08-20 19:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-11 17:06 - 2012-08-20 18:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-11 17:06 - 2012-08-20 18:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-11 17:06 - 2012-08-20 18:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-11 17:06 - 2012-08-20 18:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 17:06 - 2012-08-20 16:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-11 17:05 - 2012-09-14 20:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-11 17:05 - 2012-09-14 19:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-11 17:05 - 2012-08-24 19:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-11 17:05 - 2012-08-24 17:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 19:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 18:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 18:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 16:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-11 17:05 - 2012-08-20 16:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 16:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 16:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 17:05 - 2012-08-20 16:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-11 17:05 - 2012-08-11 01:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-11 17:05 - 2012-08-11 00:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-11 17:05 - 2012-06-02 06:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-11 17:05 - 2012-06-02 06:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-11 17:05 - 2012-06-02 06:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-11 17:05 - 2012-06-02 05:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-11 17:05 - 2012-06-02 05:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-11 17:05 - 2012-06-02 05:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-10-10 15:51 - 2012-10-10 15:51 - 00000000 ____D C:\Users\Tom\AppData\Local\{E897794D-5FBF-4E17-9404-E23D8844CFA2}
2012-10-10 12:14 - 2012-10-10 12:14 - 00000000 ____D C:\Users\Tom\AppData\Local\{7C73B47C-87B4-425B-9F4E-F5958A901201}
2012-10-10 10:25 - 2012-10-10 10:25 - 00000000 ____D C:\Users\Tom\AppData\Local\{572243D4-F9FB-49A3-9E7C-6738E03406C4}
2012-10-09 23:01 - 2012-10-24 23:23 - 00000000 ____D C:\Users\Tom\.freemind
2012-10-09 23:01 - 2012-10-09 23:01 - 13655880 ____A ( ) C:\Users\Tom\Downloads\FreeMind-Windows-Installer-0.9.0-max.exe
2012-10-09 23:01 - 2012-10-09 23:01 - 00000000 ____D C:\Program Files (x86)\FreeMind
2012-10-08 14:58 - 2012-10-08 14:58 - 00000000 ____D C:\Users\Tom\Documents\Scilab
2012-10-08 14:57 - 2012-10-08 14:57 - 00001053 ____A C:\Users\Public\Desktop\Scilab 5.4.0.lnk
2012-10-08 14:57 - 2012-10-08 14:57 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Scilab
2012-10-08 14:55 - 2012-10-08 14:58 - 00000000 ____D C:\Program Files\scilab-5.4.0
2012-10-08 14:55 - 2012-10-08 14:55 - 28135014 ____A C:\Users\Tom\Downloads\scilab-help-chm-5.4.zip
2012-10-08 14:54 - 2012-10-08 14:54 - 20593796 ____A C:\Users\Tom\Downloads\blas-lapack-mkl-5.4-win64.zip
2012-10-08 14:54 - 2012-10-08 14:54 - 13866852 ____A C:\Users\Tom\Downloads\commons-mkl-5.4-win64.zip
2012-10-08 14:54 - 2012-10-08 14:54 - 05138855 ____A C:\Users\Tom\Downloads\fftw-mkl-5.4-win64.zip
2012-10-08 14:53 - 2012-10-08 14:53 - 116249984 ____A (Scilab Enterprises ) C:\Users\Tom\Downloads\scilab-5.4.0_x64.exe
2012-10-08 14:52 - 2012-10-08 14:52 - 113608672 ____A (Scilab Enterprises ) C:\Users\Tom\Downloads\scilab-5.4.0.exe
2012-10-07 21:19 - 2012-10-07 21:19 - 00000000 ____D C:\Users\Tom\AppData\Local\{66CBCEE4-896D-466A-8830-8979F79E22CA}
2012-10-07 21:08 - 2012-10-07 21:08 - 00000000 ____D C:\Users\Tom\AppData\Local\{A9CAA306-2B38-4411-8119-0C17F37F43E2}
2012-10-07 20:59 - 2012-10-07 20:59 - 00000000 ____D C:\Users\Tom\AppData\Local\{88308367-CCB5-4C2D-A407-ABE6BBE58448}
2012-10-06 21:00 - 2012-10-06 21:00 - 00000000 ____D C:\Users\Tom\AppData\Local\{124FE9DA-8D64-49DE-B07D-1BABB1564AD7}
2012-10-06 20:57 - 2012-10-06 20:57 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2012-10-06 20:55 - 2012-10-06 20:57 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2012-10-06 20:55 - 2012-10-06 20:55 - 00001972 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2012-10-06 20:53 - 2012-10-06 20:54 - 14294360 ____A (DT Soft Ltd) C:\Users\Tom\Downloads\DTLite4454-0316.exe
2012-10-06 20:53 - 2012-10-06 20:53 - 00000000 ____D C:\Users\All Users\DAEMON Tools Pro
2012-10-06 20:52 - 2012-10-06 20:53 - 19302416 ____A (DT Soft Ltd) C:\Users\Tom\Downloads\DAEMONToolsPro510-0333.exe
2012-10-06 20:34 - 2012-05-12 23:09 - 1464242590 ____A C:\[www.Cpasbien.com] foryou-thg-tsmd.avi
2012-10-06 20:22 - 2012-10-06 20:22 - 00193224 ____A (Igor Pavlov) C:\Users\Tom\Downloads\download (1).exe
2012-10-06 20:20 - 2012-10-06 20:20 - 00193221 ____A (Igor Pavlov) C:\Users\Tom\Downloads\download.exe

==================== 3 Months Modified Files ==================

2012-11-04 00:29 - 2009-07-14 05:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-04 00:29 - 2009-07-14 05:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-04 00:26 - 2011-01-23 00:26 - 00748290 ____A C:\Windows\System32\perfh00C.dat
2012-11-04 00:26 - 2011-01-23 00:26 - 00149898 ____A C:\Windows\System32\perfc00C.dat
2012-11-04 00:26 - 2009-07-14 06:13 - 01670178 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-04 00:00 - 2012-11-03 23:59 - 01459963 ____A (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2012-11-03 23:54 - 2012-09-20 18:49 - 00001070 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3774814964-3881367418-1557904352-1001UA.job
2012-11-03 23:39 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-03 23:39 - 2009-07-14 05:51 - 00158707 ____A C:\Windows\setupact.log
2012-11-03 23:38 - 2011-01-23 00:30 - 00650174 ____A C:\Windows\PFRO.log
2012-11-03 22:54 - 2012-11-03 22:54 - 00153498 ____A C:\Users\Tom\Downloads\Exercice2 (2).7z
2012-11-03 22:53 - 2012-11-03 22:53 - 00003258 ____A C:\Users\Tom\Downloads\source (1).cpp
2012-11-03 21:45 - 2012-11-03 21:40 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Tom\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-03 21:23 - 2011-01-23 00:33 - 02004519 ____A C:\Windows\WindowsUpdate.log
2012-11-03 19:54 - 2012-09-20 18:49 - 00001018 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3774814964-3881367418-1557904352-1001Core.job
2012-11-03 00:31 - 2012-11-03 00:31 - 01989584 ____A C:\Users\Tom\Downloads\compromis.zip
2012-11-03 00:27 - 2012-11-03 00:27 - 01007695 ____A C:\Users\Tom\Downloads\en_Cours.zip
2012-11-03 00:26 - 2012-11-03 00:26 - 02643178 ____A C:\Users\Tom\Downloads\info_reçues.zip
2012-11-01 21:30 - 2012-11-01 21:30 - 00014322 ____A C:\Users\Tom\Downloads\IP liste (1).xlsx
2012-11-01 20:51 - 2012-11-01 20:51 - 00014322 ____A C:\Users\Tom\Downloads\IP liste.xlsx
2012-11-01 19:14 - 2012-11-01 19:14 - 00012065 ____A C:\Users\Tom\Downloads\Comparaison Devis.xlsx
2012-11-01 18:42 - 2012-11-01 18:41 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (5).eps
2012-11-01 16:23 - 2012-11-01 15:54 - 855283909 ____A C:\Users\Tom\Downloads\1351764814_gala_2012.zip
2012-11-01 00:10 - 2012-10-31 23:40 - 00255081 ____A C:\MGlogs.zip
2012-10-31 23:39 - 2012-10-31 23:39 - 01863385 ____A C:\MGtools.exe
2012-10-31 12:12 - 2012-10-31 12:12 - 01533731 ____A C:\Users\Tom\Downloads\devis_ecole_d_ing__nieurs_ponts_et_chauss__es_30_03_13.xlsx
2012-10-29 23:04 - 2012-10-29 23:04 - 00004824 ____A C:\Users\Tom\Downloads\s0nkite_Spiderman_pattern.zip
2012-10-29 20:22 - 2012-10-29 20:22 - 00000121 ____A C:\Windows\SysWOW64\DivFix.ini
2012-10-29 20:18 - 2012-10-29 20:18 - 00000000 ____A C:\Windows\SysWOW64\DivFix.log
2012-10-29 20:16 - 2012-10-29 20:16 - 00273342 ____A C:\Users\Tom\Downloads\DivFix110.zip
2012-10-29 20:12 - 2006-08-13 13:06 - 00000053 ____A C:\Users\Tom\Documents\FILE_ID.DIZ
2012-10-29 20:12 - 2006-08-13 05:33 - 00004659 ____A C:\Users\Tom\Documents\TWK.nfo
2012-10-29 20:11 - 2006-08-13 13:06 - 00000053 ____A C:\Users\Tom\Downloads\FILE_ID.DIZ
2012-10-29 20:11 - 2006-08-13 05:33 - 00004659 ____A C:\Users\Tom\Downloads\TWK.nfo
2012-10-28 12:55 - 2012-10-28 12:52 - 00000262 ____A C:\Windows\CCMOUSE.INI
2012-10-28 12:51 - 2012-10-28 12:51 - 00144107 ____A C:\Users\Tom\Downloads\cmouse.zip
2012-10-28 12:44 - 2011-01-23 01:10 - 00135008 ____A C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2012-10-28 12:43 - 2009-07-14 05:45 - 00499864 ____A C:\Windows\System32\FNTCACHE.DAT
2012-10-28 12:37 - 2012-10-28 12:37 - 00166912 ____A C:\Users\Tom\Downloads\MidiYokeSetup.msi
2012-10-28 12:34 - 2012-10-28 12:34 - 02260619 ____A C:\Users\Tom\Downloads\PVMsetup.exe
2012-10-28 12:33 - 2012-10-28 12:33 - 00810857 ____A (Conduit) C:\Users\Tom\Downloads\01net_Piano_Virtuel_Midi.exe
2012-10-27 22:17 - 2012-10-27 22:17 - 00001027 ____A C:\Users\Public\Desktop\Reaktor 5.lnk
2012-10-27 22:08 - 2012-10-27 22:08 - 00001008 ____A C:\Users\Public\Desktop\Massive.lnk
2012-10-27 22:06 - 2012-10-27 22:06 - 00001032 ____A C:\Users\Public\Desktop\Kontakt 5.lnk
2012-10-27 22:00 - 2012-10-27 22:00 - 00001062 ____A C:\Users\Public\Desktop\Guitar Rig 5.lnk
2012-10-27 21:57 - 2012-10-27 21:57 - 00000960 ____A C:\Users\Public\Desktop\FM8.lnk
2012-10-27 21:56 - 2012-10-27 21:56 - 00001032 ____A C:\Users\Public\Desktop\Battery 3.lnk
 
2012-10-27 21:54 - 2012-10-27 21:54 - 00001032 ____A C:\Users\Public\Desktop\Absynth 5.lnk
2012-10-27 21:41 - 2012-10-27 21:41 - 00001077 ____A C:\Users\Public\Desktop\Service Center.lnk
2012-10-26 17:49 - 2012-10-26 17:49 - 00153498 ____A C:\Users\Tom\Downloads\Exercice2.7z
2012-10-26 16:59 - 2012-10-26 16:59 - 00153498 ____A C:\Users\Tom\Downloads\Exercice2 (1).7z
2012-10-26 02:29 - 2012-10-23 20:07 - 01648898 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-10-25 14:21 - 2012-10-25 14:21 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (4).eps
2012-10-25 14:21 - 2012-10-25 14:21 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (3).eps
2012-10-24 00:31 - 2012-10-24 00:31 - 01110476 ____A C:\Users\Tom\Downloads\7z920 (1).exe
2012-10-23 20:44 - 2012-10-23 20:44 - 00002839 ____A C:\Users\Tom\Downloads\Tp2_Initial.zip
2012-10-23 20:43 - 2012-10-23 20:43 - 22179113 ____A C:\Users\Tom\Downloads\Imagine++-4.0.1-win32_vc10.exe
2012-10-23 20:34 - 2012-10-23 20:34 - 245546472 ____A C:\Users\Tom\Downloads\qt-win-opensource-4.8.3-vs2010.exe
2012-10-23 20:33 - 2012-10-23 20:33 - 09372127 ____A C:\Users\Tom\Downloads\cmake-2.8.9-win32-x86.exe
2012-10-23 20:15 - 2012-10-23 20:15 - 00003490 ____A C:\Users\Tom\Downloads\Tp2_Final.zip
2012-10-23 20:03 - 2012-10-23 20:03 - 03359048 ____A (Microsoft Corporation) C:\Users\Tom\Downloads\vc_web.exe
2012-10-23 20:02 - 2012-10-23 20:02 - 00950144 ____A (Microsoft Corporation) C:\Users\Tom\Downloads\win8express_full.exe
2012-10-23 19:54 - 2012-10-23 19:54 - 02722296 ____A (Microsoft Corporation) C:\Users\Tom\Downloads\vcsetup.exe
2012-10-19 23:31 - 2012-10-19 23:31 - 00002070 ____A C:\Users\Tom\Desktop\Dishonored.lnk
2012-10-19 22:13 - 2012-10-19 22:13 - 02484662 ____A C:\Users\Tom\Documents\gdp.bmp
2012-10-18 01:32 - 2012-10-18 01:32 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (2).eps
2012-10-18 01:32 - 2012-10-18 01:32 - 05113096 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN (1).eps
2012-10-18 01:32 - 2012-10-18 01:32 - 05113096 ____A C:\Users\Tom\Documents\ecole_ponts_CMJN (2).eps
2012-10-15 15:59 - 2012-10-15 15:59 - 00163837 ____A C:\Users\Tom\Downloads\pas-edt.zip
2012-10-15 11:53 - 2012-10-15 11:53 - 00387774 ____A C:\Users\Tom\Downloads\EmploiDuTemps.tgz
2012-10-14 15:47 - 2012-10-14 15:47 - 14034051 ____A C:\Users\Tom\Downloads\freedom-20120927-01 (1).exe
2012-10-14 15:41 - 2012-10-14 15:41 - 00383849 ____A C:\Users\Tom\Downloads\Steam Offline Fix 3dot0-19347-3-0.7z
2012-10-14 14:53 - 2012-10-14 14:53 - 14034051 ____A C:\Users\Tom\Downloads\freedom-20120927-01.exe
2012-10-14 14:52 - 2012-10-14 14:52 - 05159424 ____A C:\Users\Tom\Downloads\pcap503_x64 (1).msi
2012-10-14 14:52 - 2012-10-14 14:52 - 03598848 ____A C:\Users\Tom\Downloads\pcap503_x86 (1).msi
2012-10-14 01:16 - 2011-06-24 22:56 - 00000917 ____A C:\Users\Public\Desktop\Steam.lnk
2012-10-13 18:25 - 2012-10-13 18:25 - 03598848 ____A C:\Users\Tom\Downloads\pcap503_x86.msi
2012-10-13 18:24 - 2012-10-13 18:24 - 05159424 ____A C:\Users\Tom\Downloads\pcap503_x64.msi
2012-10-13 18:11 - 2012-10-13 18:11 - 03822952 ____A (Initex ) C:\Users\Tom\Downloads\ProxifierSetup.exe
2012-10-13 04:29 - 2012-10-13 04:29 - 00038912 ____A C:\Users\Tom\Downloads\SUPONTS'HEROS-planning-sports.xls
2012-10-12 10:07 - 2012-10-12 10:07 - 16833432 ____A C:\Users\Tom\Downloads\Adobe_Reader_9.0_Lite_ENG.exe
2012-10-12 10:04 - 2012-10-12 10:04 - 00373488 ____A (Softonic) C:\Users\Tom\Downloads\SoftonicDownloader_pour_pdf-xchange-viewer-portable.exe
2012-10-12 09:50 - 2012-10-12 09:50 - 02449458 ____A C:\Users\Tom\Downloads\so.eps
2012-10-12 02:05 - 2012-08-05 02:01 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-10 23:56 - 2011-01-23 01:28 - 00002479 ____A C:\Users\Tom\Desktop\Google Chrome.lnk
2012-10-09 23:01 - 2012-10-09 23:01 - 13655880 ____A ( ) C:\Users\Tom\Downloads\FreeMind-Windows-Installer-0.9.0-max.exe
2012-10-08 18:24 - 2012-10-08 18:24 - 00019118 ____A C:\Users\Tom\Downloads\F7465E5818639195DE4FE97F54B8B9567F40B4FA.torrent
2012-10-08 14:57 - 2012-10-08 14:57 - 00001053 ____A C:\Users\Public\Desktop\Scilab 5.4.0.lnk
2012-10-08 14:55 - 2012-10-08 14:55 - 28135014 ____A C:\Users\Tom\Downloads\scilab-help-chm-5.4.zip
2012-10-08 14:54 - 2012-10-08 14:54 - 20593796 ____A C:\Users\Tom\Downloads\blas-lapack-mkl-5.4-win64.zip
2012-10-08 14:54 - 2012-10-08 14:54 - 13866852 ____A C:\Users\Tom\Downloads\commons-mkl-5.4-win64.zip
2012-10-08 14:54 - 2012-10-08 14:54 - 05138855 ____A C:\Users\Tom\Downloads\fftw-mkl-5.4-win64.zip
2012-10-08 14:53 - 2012-10-08 14:53 - 116249984 ____A (Scilab Enterprises ) C:\Users\Tom\Downloads\scilab-5.4.0_x64.exe
2012-10-08 14:52 - 2012-10-08 14:52 - 113608672 ____A (Scilab Enterprises ) C:\Users\Tom\Downloads\scilab-5.4.0.exe
2012-10-06 20:57 - 2012-10-06 20:57 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2012-10-06 20:55 - 2012-10-06 20:55 - 00001972 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2012-10-06 20:54 - 2012-10-06 20:53 - 14294360 ____A (DT Soft Ltd) C:\Users\Tom\Downloads\DTLite4454-0316.exe
2012-10-06 20:53 - 2012-10-06 20:52 - 19302416 ____A (DT Soft Ltd) C:\Users\Tom\Downloads\DAEMONToolsPro510-0333.exe
2012-10-06 20:22 - 2012-10-06 20:22 - 00193224 ____A (Igor Pavlov) C:\Users\Tom\Downloads\download (1).exe
2012-10-06 20:20 - 2012-10-06 20:20 - 00193221 ____A (Igor Pavlov) C:\Users\Tom\Downloads\download.exe
2012-09-30 21:52 - 2012-09-30 21:52 - 03130340 ____A C:\Users\Tom\Downloads\DCPlusPlus-0.674.exe
2012-09-30 19:06 - 2012-09-30 19:06 - 00012341 ____A C:\Users\Tom\hie.svg
2012-09-30 17:25 - 2012-09-28 19:20 - 00031903 ____A C:\Users\Tom\att.svg
2012-09-30 16:00 - 2012-09-30 15:57 - 00023462 ____A C:\Users\Tom\dos.svg
2012-09-27 17:05 - 2012-09-27 17:04 - 00001863 ____A C:\Users\Tom\Desktop\Cycle ingénieur.lnk
2012-09-24 19:54 - 2012-09-18 17:46 - 00013709 ____A C:\Users\Tom\Documents\Classeur1.xlsx
2012-09-24 18:13 - 2012-09-24 18:13 - 01264316 ____A C:\Users\Tom\Downloads\optimiz (1).eps
2012-09-24 18:03 - 2012-09-24 18:03 - 01264316 ____A C:\Users\Tom\Downloads\optimiz.eps
2012-09-22 21:58 - 2012-09-22 21:58 - 00006610 ____A C:\Users\Tom\Downloads\shadethm-doc (3).tex
2012-09-22 21:51 - 2012-09-22 21:51 - 00006610 ____A C:\Users\Tom\Downloads\shadethm-doc (2).tex
2012-09-22 21:49 - 2012-09-22 21:49 - 00006610 ____A C:\Users\Tom\Downloads\shadethm-doc (1).tex
2012-09-22 21:38 - 2012-09-22 21:38 - 00006610 ____A C:\Users\Tom\Downloads\shadethm-doc.tex
2012-09-17 18:41 - 2012-09-17 18:41 - 06882118 ____A (Mozilla) C:\Users\Tom\Downloads\Sunbird Setup 1.0 Beta 1.exe
2012-09-17 18:41 - 2012-09-17 18:41 - 06717130 ____A (Mozilla) C:\Users\Tom\Downloads\Sunbird Setup 1.0 Beta 1 (1).exe
2012-09-17 16:18 - 2012-09-17 16:18 - 00372952 ____A (Softonic) C:\Users\Tom\Downloads\SoftonicDownloader_pour_7-sticky-notes.exe
2012-09-17 16:16 - 2012-09-17 16:16 - 00143535 ____A C:\Users\Tom\Downloads\Black and Dark Notes.gadget
2012-09-16 19:39 - 2012-09-16 19:39 - 332421013 ____A C:\Users\Tom\Downloads\stems.zip
2012-09-16 10:59 - 2012-09-16 10:59 - 39483256 ____A (Apple Inc.) C:\Users\Tom\Downloads\QuickTimeInstaller.exe
2012-09-14 20:19 - 2012-10-11 17:05 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 19:28 - 2012-10-11 17:05 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-13 22:35 - 2012-09-13 22:36 - 00000251 ____A C:\Users\Tom\Downloads\12lkjnvkjsdnfbvjfdbvpadjbfv9_220_vod_ref.mov
2012-09-13 19:09 - 2012-09-13 19:09 - 00001801 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-09-13 19:04 - 2012-03-04 21:00 - 00002491 ____A C:\Users\Public\Desktop\Safari.lnk
2012-09-11 21:42 - 2012-09-11 21:42 - 00946352 ____A (Skype Technologies S.A.) C:\Users\Tom\Downloads\SkypeSetup (1).exe
2012-09-11 21:39 - 2012-09-11 21:11 - 00000503 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2012-09-11 20:59 - 2012-09-11 20:59 - 00000228 ____A C:\Windows\SysWOW64\P.conf
2012-09-11 20:01 - 2012-09-11 20:01 - 02047357 ____A C:\Users\Tom\Downloads\AutoHotkey104805_Install.exe
2012-09-10 19:33 - 2012-09-10 19:33 - 00000118 ____A C:\Windows\ConverterCore.INI
2012-09-10 19:28 - 2012-09-10 19:28 - 18621688 ____A (Solid Documents, LLC) C:\Users\Tom\Downloads\solidconverterpdf.exe
2012-09-08 15:30 - 2012-09-08 15:29 - 05113103 ____A C:\Users\Tom\Downloads\ecole_ponts_CMJN_fond_blanc.eps
2012-09-06 23:59 - 2012-09-06 23:59 - 00075309 ____A C:\Users\Tom\Downloads\Ecliz_Cursors_by_Mefhisto (1).zip
2012-09-06 23:58 - 2012-09-06 23:58 - 00000022 ____A C:\Users\Tom\Downloads\Ecliz_Cursors_by_Mefhisto.zip
2012-09-06 23:48 - 2012-09-06 23:48 - 00353024 ____A (Softonic) C:\Users\Tom\Downloads\SoftonicDownloader_pour_windows-7-logon-background-changer (1).exe
2012-09-06 23:41 - 2012-09-06 23:41 - 00537139 ____A C:\Users\Tom\Downloads\Autoruns.zip
2012-09-05 18:32 - 2012-09-05 18:32 - 18673240 ____A (Mozilla) C:\Users\Tom\Downloads\Thunderbird Setup 15.0.exe
2012-08-31 19:19 - 2012-10-11 17:06 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 19:03 - 2012-10-11 17:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 18:12 - 2012-10-11 17:06 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 18:12 - 2012-10-11 17:06 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-24 19:05 - 2012-10-11 17:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 17:57 - 2012-10-11 17:05 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 14:43 - 2012-08-24 14:43 - 00384352 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2012-08-24 12:15 - 2012-09-23 02:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 11:39 - 2012-09-23 02:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 11:31 - 2012-09-23 02:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 11:22 - 2012-09-23 02:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 11:21 - 2012-09-23 02:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 11:20 - 2012-09-23 02:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 11:18 - 2012-09-23 02:01 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 11:17 - 2012-09-23 02:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 11:14 - 2012-09-23 02:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 11:14 - 2012-09-23 02:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 11:13 - 2012-09-23 02:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 11:12 - 2012-09-23 02:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 11:11 - 2012-09-23 02:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 11:10 - 2012-09-23 02:01 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 11:09 - 2012-09-23 02:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 11:04 - 2012-09-23 02:01 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-24 08:27 - 2012-09-23 02:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-24 08:03 - 2012-09-23 02:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-24 07:59 - 2012-09-23 02:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-24 07:51 - 2012-09-23 02:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-24 07:51 - 2012-09-23 02:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-24 07:51 - 2012-09-23 02:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-24 07:49 - 2012-09-23 02:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-24 07:48 - 2012-09-23 02:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-24 07:47 - 2012-09-23 02:01 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-24 07:47 - 2012-09-23 02:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-24 07:47 - 2012-09-23 02:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-24 07:45 - 2012-09-23 02:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-24 07:44 - 2012-09-23 02:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-24 07:44 - 2012-09-23 02:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-24 07:43 - 2012-09-23 02:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-24 07:40 - 2012-09-23 02:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-23 20:34 - 2012-08-23 20:34 - 00109081 ____A C:\Users\Tom\Downloads\jquery.tooltip.zip
2012-08-23 14:35 - 2012-08-23 14:34 - 31284966 ____A (Hervé Leclerc (HeL) ) C:\Users\Tom\Downloads\wampserver2.2e-php5.4.3-httpd-2.4.2-mysql5.5.24-x64.exe
2012-08-23 14:25 - 2012-08-23 14:25 - 00001071 ____A C:\Users\Tom\Desktop\Notepad++.lnk
2012-08-23 14:24 - 2012-08-23 14:24 - 05811050 ____A C:\Users\Tom\Downloads\npp.6.1.5.Installer.exe
2012-08-23 03:48 - 2012-08-23 03:48 - 03284096 ____A C:\Users\Tom\Downloads\arabesque_brush_39889.zip
2012-08-22 19:12 - 2012-09-12 21:45 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 19:12 - 2012-09-12 21:45 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 19:12 - 2012-09-12 21:45 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 19:12 - 2012-09-12 21:45 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-22 15:25 - 2012-08-22 15:25 - 00529800 ____A (Bandoo Media Inc) C:\Users\Tom\Downloads\Setup_FreeConverter1.exe
2012-08-22 15:24 - 2012-08-22 15:24 - 01612410 ____A (Conduit) C:\Users\Tom\Downloads\01net_Free_MP3_WMA_Converter.exe
2012-08-21 22:01 - 2012-09-29 10:09 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-21 12:01 - 2012-09-13 19:09 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-08-21 12:01 - 2012-01-07 15:51 - 00125872 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi64.dll
2012-08-21 12:01 - 2012-01-07 15:51 - 00106928 ____A (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2012-08-20 19:48 - 2012-10-11 17:06 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-20 19:48 - 2012-10-11 17:06 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-20 19:48 - 2012-10-11 17:06 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-20 19:48 - 2012-10-11 17:06 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-20 19:48 - 2012-10-11 17:06 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-20 19:48 - 2012-10-11 17:06 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-20 19:48 - 2012-10-11 17:06 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-20 19:46 - 2012-10-11 17:06 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-20 19:38 - 2012-10-11 17:06 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 19:38 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 19:10 - 2012-08-20 19:09 - 19609977 ____A C:\Users\Tom\Downloads\PDFXVwer.zip
2012-08-20 19:10 - 2012-08-14 17:25 - 19251312 ____A (Tracker Software Products Ltd ) C:\Users\Tom\Documents\PDFXVwer.exe
2012-08-20 19:10 - 2011-12-14 21:32 - 00026759 ____A C:\Users\Tom\Documents\PDFXVW1.xml
2012-08-20 18:40 - 2012-10-11 17:06 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-20 18:38 - 2012-10-11 17:06 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-20 18:37 - 2012-10-11 17:06 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-20 18:37 - 2012-10-11 17:06 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-20 18:37 - 2012-10-11 17:06 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:06 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:32 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 16:38 - 2012-10-11 17:06 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-20 16:38 - 2012-10-11 17:05 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-20 16:33 - 2012-10-11 17:05 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 16:33 - 2012-10-11 17:05 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 16:33 - 2012-10-11 17:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 16:33 - 2012-10-11 17:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-15 14:36 - 2012-08-15 14:36 - 00364498 ____A C:\Users\Tom\Downloads\Install_ReWire_1_7_Win.zip
2012-08-14 23:04 - 2012-08-14 23:04 - 00001651 ____A C:\Users\Tom\Desktop\Ableton Live 8.lnk
2012-08-11 22:24 - 2012-08-11 22:24 - 00028160 ____A C:\Users\Tom\Downloads\ippex_cv_type_2012 (1).dot
2012-08-11 17:06 - 2012-08-11 16:20 - 1388065033 ____A C:\Users\Tom\Downloads\ableton_suite_trial_833.zip
2012-08-11 01:56 - 2012-10-11 17:05 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-11 01:40 - 2012-08-11 01:40 - 00028160 ____A C:\Users\Tom\Downloads\ippex_cv_type_2012.dot
2012-08-11 00:56 - 2012-10-11 17:05 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-08-09 22:49 - 2012-08-09 22:49 - 00166934 ____A C:\Users\Tom\Downloads\t-cmscbf.zip
2012-08-09 22:44 - 2012-08-09 22:44 - 00011099 ____A C:\Users\Tom\Downloads\bold.zip

ZeroAccess:
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\@
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\L
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\U
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\L\00000004.@
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\L\201d3dde
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\U\00000004.@
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\U\00000008.@
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\U\000000cb.@
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\U\80000000.@
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\U\80000032.@
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK



==================== Restore Points =========================

Restore point made on: 2012-10-31 12:01:58
Restore point made on: 2012-10-31 12:18:53

==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 3950.07 MB
Available physical RAM: 3259.36 MB
Total Pagefile: 3948.21 MB
Available Pagefile: 3266.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (Disque de stockage) (Fixed) (Total:455.17 GB) (Free:207.58 GB) NTFS
2 Drive e: (Recovery) (Fixed) (Total:10.5 GB) (Free:0.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: (USB DISK) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Nø disque Statut Taille Libre Dyn GPT
--------- ------------- ------- ------- --- ---
Disque 0 En ligne 465 G octets 0 octets
Disque 1 En ligne 1912 M octets 0 octets

Partitions of Disk 0:
===============

Nø partition Type Taille D‚calage
------------- ---------------- ------- --------
Partition 1 R‚cup‚ration 10 G 1024 K
Partition 2 Principale 100 M 10 G
Partition 3 Principale 455 G 10 G

==================================================================================

Disk: 0
Partition 1
Type : 27
Masqu‚ : Oui
Active : Non
D‚calage en octets : 1048576

Nø volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E Recovery NTFS Partition 10 G Sain Masqu‚

=========================================================

Disk: 0
Partition 2
Type : 07
Masqu‚ : Non
Active : Oui
D‚calage en octets : 11271143424

Nø volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 M Sain

=========================================================

Disk: 0
Partition 3
Type : 07
Masqu‚ : Non
Active : Non
D‚calage en octets : 11376001024

Nø volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Disque de s NTFS Partition 455 G Sain

=========================================================

Partitions of Disk 1:
===============

Nø partition Type Taille D‚calage
------------- ---------------- ------- --------
Partition 1 Principale 1911 M 284 K

==================================================================================

Disk: 1
Partition 1
Type : 0C
Masqu‚ : Non
Active : Oui
D‚calage en octets : 290816

Nø volume Ltr Nom Fs Type Taille Statut Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G USB DISK FAT32 Amovible 1911 M Sain

=========================================================

Last Boot: 2012-10-27 00:22

==================== End Of Log =============================




Search.txt


Farbar Recovery Scan Tool (x64) Version: 30-10-2012
Ran by Système at 2012-11-04 00:41:49
Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-14 00:19] - [2009-07-14 02:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-14 00:19] - [2009-07-14 02:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC

====== End Of Search ======





Thanks for all.
 
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Next...

Restart normally.

===================================

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

==================================

  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

=================================

Download Malwarebytes' Anti-Malware (MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.
Alternate download: http://www.filehippo.com/download_malwarebytes_anti_malware/
NOTE. If you already have MBAM installed, update it before running the scan.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer IF MBAM asks you to do so.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 

Attachments

  • fixlist.txt
    384 bytes · Views: 1
Report from TDSS

11:34:54.0060 2784 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:34:54.0176 2784 ============================================================
11:34:54.0176 2784 Current date / time: 2012/11/04 11:34:54.0176
11:34:54.0176 2784 SystemInfo:
11:34:54.0176 2784
11:34:54.0176 2784 OS Version: 6.1.7601 ServicePack: 1.0
11:34:54.0176 2784 Product type: Workstation
11:34:54.0176 2784 ComputerName: ORDINATEUR
11:34:54.0177 2784 UserName: Tom
11:34:54.0177 2784 Windows directory: C:\Windows
11:34:54.0177 2784 System windows directory: C:\Windows
11:34:54.0177 2784 Running under WOW64
11:34:54.0177 2784 Processor architecture: Intel x64
11:34:54.0177 2784 Number of processors: 4
11:34:54.0177 2784 Page size: 0x1000
11:34:54.0177 2784 Boot type: Normal boot
11:34:54.0177 2784 ============================================================
11:34:55.0327 2784 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:55.0332 2784 Drive \Device\Harddisk3\DR3 - Size: 0x77800000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:34:55.0334 2784 ============================================================
11:34:55.0334 2784 \Device\Harddisk0\DR0:
11:34:55.0334 2784 MBR partitions:
11:34:55.0334 2784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14FE800, BlocksNum 0x32000
11:34:55.0334 2784 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1530800, BlocksNum 0x38E55030
11:34:55.0334 2784 \Device\Harddisk3\DR3:
11:34:55.0335 2784 MBR partitions:
11:34:55.0335 2784 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x238, BlocksNum 0x3BBDC8
11:34:55.0335 2784 ============================================================
11:34:55.0559 2784 C: <-> \Device\Harddisk0\DR0\Partition2
11:34:55.0559 2784 ============================================================
11:34:55.0559 2784 Initialize success
11:34:55.0559 2784 ============================================================
11:34:57.0570 4408 ============================================================
11:34:57.0570 4408 Scan started
11:34:57.0570 4408 Mode: Manual;
11:34:57.0570 4408 ============================================================
11:34:58.0343 4408 ================ Scan system memory ========================
11:34:58.0343 4408 System memory - ok
11:34:58.0346 4408 ================ Scan services =============================
11:34:59.0292 4408 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:34:59.0320 4408 1394ohci - ok
11:34:59.0434 4408 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:34:59.0438 4408 ACDaemon - ok
11:34:59.0510 4408 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:34:59.0514 4408 ACPI - ok
11:34:59.0549 4408 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:34:59.0557 4408 AcpiPmi - ok
11:34:59.0623 4408 AdobeARMservice - ok
11:34:59.0719 4408 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:34:59.0736 4408 adp94xx - ok
11:34:59.0793 4408 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:34:59.0808 4408 adpahci - ok
11:34:59.0841 4408 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:34:59.0853 4408 adpu320 - ok
11:34:59.0913 4408 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:34:59.0914 4408 AeLookupSvc - ok
11:34:59.0991 4408 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:34:59.0999 4408 AFD - ok
11:35:00.0044 4408 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:35:00.0055 4408 agp440 - ok
11:35:00.0094 4408 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:35:00.0096 4408 ALG - ok
11:35:00.0135 4408 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:35:00.0144 4408 aliide - ok
11:35:00.0197 4408 [ 3260756E234083BD2BD1709C60B6E6D7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:35:00.0199 4408 AMD External Events Utility - ok
11:35:00.0247 4408 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:35:00.0271 4408 amdide - ok
11:35:00.0369 4408 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:35:00.0384 4408 AmdK8 - ok
11:35:00.0392 4408 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:35:00.0401 4408 AmdPPM - ok
11:35:00.0447 4408 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:35:00.0472 4408 amdsata - ok
11:35:00.0596 4408 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:35:00.0610 4408 amdsbs - ok
11:35:00.0708 4408 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:35:00.0708 4408 amdxata - ok
11:35:00.0778 4408 [ 1661F9C9E4B0049FA0A5E30264375A87 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
11:35:00.0788 4408 ApfiltrService - ok
11:35:00.0855 4408 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:35:00.0882 4408 AppID - ok
11:35:00.0921 4408 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:35:00.0923 4408 AppIDSvc - ok
11:35:01.0002 4408 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:35:01.0018 4408 Appinfo - ok
11:35:01.0251 4408 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:35:01.0258 4408 Apple Mobile Device - ok
11:35:01.0295 4408 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:35:01.0306 4408 arc - ok
11:35:01.0330 4408 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:35:01.0340 4408 arcsas - ok
11:35:01.0384 4408 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
11:35:01.0392 4408 ArcSoftKsUFilter - ok
11:35:01.0620 4408 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:35:01.0720 4408 aspnet_state - ok
11:35:01.0782 4408 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:35:01.0790 4408 AsyncMac - ok
11:35:01.0841 4408 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:35:01.0842 4408 atapi - ok
11:35:02.0239 4408 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:35:02.0282 4408 athr - ok
11:35:02.0645 4408 [ F3A362B683B6158CC47D7E8E58B7DDC9 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:35:02.0870 4408 atikmdag - ok
11:35:02.0933 4408 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:35:02.0943 4408 AudioEndpointBuilder - ok
11:35:02.0956 4408 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:35:02.0960 4408 AudioSrv - ok
11:35:03.0294 4408 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
11:35:03.0322 4408 AVGIDSAgent - ok
11:35:03.0407 4408 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:35:03.0409 4408 AVGIDSDriver - ok
11:35:03.0417 4408 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
11:35:03.0418 4408 AVGIDSFilter - ok
11:35:03.0474 4408 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
11:35:03.0475 4408 AVGIDSHA - ok
11:35:03.0564 4408 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
11:35:03.0566 4408 Avgldx64 - ok
11:35:03.0605 4408 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
11:35:03.0616 4408 Avgmfx64 - ok
11:35:03.0661 4408 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
11:35:03.0662 4408 Avgrkx64 - ok
11:35:03.0800 4408 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
11:35:03.0812 4408 Avgtdia - ok
11:35:03.0897 4408 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
11:35:03.0900 4408 avgwd - ok
11:35:04.0010 4408 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:35:04.0023 4408 AxInstSV - ok
11:35:04.0068 4408 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:35:04.0092 4408 b06bdrv - ok
11:35:04.0139 4408 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:35:04.0159 4408 b57nd60a - ok
11:35:04.0229 4408 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:35:04.0232 4408 BDESVC - ok
11:35:04.0250 4408 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:35:04.0263 4408 Beep - ok
11:35:04.0294 4408 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:35:04.0307 4408 blbdrive - ok
11:35:04.0462 4408 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:35:04.0467 4408 Bonjour Service - ok
11:35:04.0500 4408 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:35:04.0501 4408 bowser - ok
11:35:04.0550 4408 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:35:04.0562 4408 BrFiltLo - ok
11:35:04.0598 4408 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:35:04.0631 4408 BrFiltUp - ok
11:35:04.0699 4408 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:35:04.0716 4408 Browser - ok
11:35:04.0751 4408 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:35:04.0778 4408 Brserid - ok
11:35:04.0794 4408 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:35:04.0806 4408 BrSerWdm - ok
11:35:04.0820 4408 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:35:04.0833 4408 BrUsbMdm - ok
11:35:04.0855 4408 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:35:04.0867 4408 BrUsbSer - ok
11:35:04.0944 4408 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:35:04.0971 4408 BthEnum - ok
11:35:04.0995 4408 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:35:05.0006 4408 BTHMODEM - ok
11:35:05.0028 4408 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:35:05.0041 4408 BthPan - ok
11:35:05.0266 4408 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:35:05.0292 4408 BTHPORT - ok
11:35:05.0342 4408 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:35:05.0345 4408 bthserv - ok
11:35:05.0384 4408 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:35:05.0398 4408 BTHUSB - ok
11:35:05.0433 4408 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
11:35:05.0447 4408 btusbflt - ok
11:35:05.0491 4408 [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
11:35:05.0509 4408 btwaudio - ok
11:35:05.0550 4408 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
11:35:05.0566 4408 btwavdt - ok
11:35:05.0851 4408 [ 31DA517946FFE416442E864592548F8A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
11:35:05.0859 4408 btwdins - ok
11:35:05.0890 4408 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
11:35:05.0904 4408 btwl2cap - ok
11:35:05.0943 4408 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\drivers\btwrchid.sys
11:35:05.0957 4408 btwrchid - ok
11:35:05.0982 4408 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:35:05.0995 4408 cdfs - ok
11:35:06.0037 4408 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:35:06.0054 4408 cdrom - ok
11:35:06.0114 4408 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:35:06.0132 4408 CertPropSvc - ok
11:35:06.0178 4408 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
11:35:06.0192 4408 circlass - ok
11:35:06.0249 4408 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:35:06.0257 4408 CLFS - ok
11:35:06.0391 4408 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:06.0402 4408 clr_optimization_v2.0.50727_32 - ok
11:35:06.0449 4408 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:35:06.0453 4408 clr_optimization_v2.0.50727_64 - ok
11:35:06.0580 4408 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:35:06.0723 4408 clr_optimization_v4.0.30319_32 - ok
11:35:06.0766 4408 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:35:06.0771 4408 clr_optimization_v4.0.30319_64 - ok
11:35:06.0814 4408 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
11:35:06.0829 4408 CmBatt - ok
11:35:06.0846 4408 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:35:06.0867 4408 cmdide - ok
11:35:07.0025 4408 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:35:07.0038 4408 CNG - ok
11:35:07.0077 4408 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:35:07.0077 4408 Compbatt - ok
11:35:07.0147 4408 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:35:07.0163 4408 CompositeBus - ok
11:35:07.0183 4408 COMSysApp - ok
11:35:07.0198 4408 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:35:07.0212 4408 crcdisk - ok
11:35:07.0288 4408 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:35:07.0313 4408 CryptSvc - ok
11:35:07.0363 4408 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:35:07.0385 4408 DcomLaunch - ok
11:35:07.0427 4408 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:35:07.0443 4408 defragsvc - ok
11:35:07.0490 4408 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:35:07.0492 4408 DfsC - ok
11:35:07.0532 4408 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:35:07.0539 4408 Dhcp - ok
11:35:07.0583 4408 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:35:07.0589 4408 discache - ok
11:35:07.0622 4408 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
11:35:07.0624 4408 Disk - ok
11:35:07.0738 4408 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:35:07.0760 4408 Dnscache - ok
11:35:07.0801 4408 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:35:07.0808 4408 dot3svc - ok
11:35:07.0870 4408 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:35:07.0884 4408 DPS - ok
11:35:07.0909 4408 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:35:07.0921 4408 drmkaud - ok
11:35:08.0029 4408 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:35:08.0033 4408 dtsoftbus01 - ok
11:35:08.0095 4408 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:35:08.0117 4408 DXGKrnl - ok
11:35:08.0156 4408 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:35:08.0159 4408 EapHost - ok
11:35:08.0596 4408 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:35:08.0717 4408 ebdrv - ok
11:35:08.0771 4408 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:35:08.0773 4408 EFS - ok
11:35:09.0054 4408 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:35:09.0081 4408 ehRecvr - ok
11:35:09.0134 4408 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:35:09.0148 4408 ehSched - ok
11:35:09.0206 4408 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:35:09.0234 4408 elxstor - ok
11:35:09.0264 4408 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:35:09.0290 4408 ErrDev - ok
11:35:09.0387 4408 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:35:09.0396 4408 EventSystem - ok
11:35:09.0422 4408 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:35:09.0441 4408 exfat - ok
11:35:09.0461 4408 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:35:09.0465 4408 fastfat - ok
11:35:09.0562 4408 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:35:09.0572 4408 Fax - ok
11:35:09.0625 4408 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
11:35:09.0636 4408 fdc - ok
11:35:09.0646 4408 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:35:09.0648 4408 fdPHost - ok
11:35:09.0664 4408 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:35:09.0665 4408 FDResPub - ok
11:35:09.0675 4408 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:35:09.0676 4408 FileInfo - ok
11:35:09.0688 4408 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:35:09.0689 4408 Filetrace - ok
11:35:09.0705 4408 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:35:09.0715 4408 flpydisk - ok
11:35:09.0752 4408 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:35:09.0759 4408 FltMgr - ok
11:35:09.0836 4408 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:35:09.0862 4408 FontCache - ok
11:35:09.0929 4408 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:35:09.0932 4408 FontCache3.0.0.0 - ok
11:35:09.0966 4408 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:35:09.0988 4408 FsDepends - ok
11:35:10.0038 4408 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
11:35:10.0053 4408 fssfltr - ok
11:35:10.0580 4408 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
11:35:10.0593 4408 fsssvc - ok
11:35:10.0647 4408 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:35:10.0648 4408 Fs_Rec - ok
11:35:10.0701 4408 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:35:10.0705 4408 fvevol - ok
11:35:10.0748 4408 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:35:10.0765 4408 gagp30kx - ok
11:35:10.0847 4408 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:35:10.0863 4408 GEARAspiWDM - ok
11:35:11.0095 4408 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:35:11.0122 4408 gpsvc - ok
11:35:11.0157 4408 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:35:11.0170 4408 hcw85cir - ok
11:35:11.0254 4408 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:35:11.0319 4408 HdAudAddService - ok
11:35:11.0370 4408 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:35:11.0373 4408 HDAudBus - ok
11:35:11.0483 4408 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:35:11.0498 4408 HECIx64 - ok
11:35:11.0519 4408 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:35:11.0540 4408 HidBatt - ok
11:35:11.0574 4408 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:35:11.0599 4408 HidBth - ok
11:35:11.0635 4408 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
11:35:11.0673 4408 HidIr - ok
11:35:11.0710 4408 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:35:11.0732 4408 hidserv - ok
11:35:11.0773 4408 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:35:11.0774 4408 HidUsb - ok
11:35:11.0840 4408 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:35:11.0854 4408 hkmsvc - ok
11:35:11.0970 4408 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:35:11.0993 4408 HomeGroupListener - ok
11:35:12.0023 4408 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:35:12.0029 4408 HomeGroupProvider - ok
11:35:12.0062 4408 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:35:12.0078 4408 HpSAMD - ok
11:35:12.0298 4408 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:35:12.0304 4408 HTTP - ok
11:35:12.0354 4408 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:35:12.0355 4408 hwpolicy - ok
11:35:12.0425 4408 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:35:12.0443 4408 i8042prt - ok
11:35:12.0493 4408 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\Windows\system32\drivers\iaStor.sys
11:35:12.0498 4408 iaStor - ok
11:35:12.0624 4408 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:35:12.0625 4408 IAStorDataMgrSvc - ok
11:35:12.0665 4408 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:35:12.0686 4408 iaStorV - ok
11:35:12.0919 4408 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:35:12.0933 4408 idsvc - ok
11:35:13.0655 4408 [ 31D1AFF484D8A0906CF8D44251EC390F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:35:13.0859 4408 igfx - ok
11:35:13.0903 4408 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:35:13.0915 4408 iirsp - ok
11:35:14.0156 4408 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:35:14.0176 4408 IKEEXT - ok
11:35:14.0244 4408 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\Windows\system32\drivers\Impcd.sys
11:35:14.0260 4408 Impcd - ok
11:35:14.0391 4408 [ 0F144E5F46CB9043004B5E84AA4BCA6A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:35:14.0416 4408 IntcAzAudAddService - ok
11:35:14.0460 4408 [ 408B401CD7CDB075C7470B0FF7BA8D0B ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:35:14.0481 4408 IntcDAud - ok
11:35:14.0509 4408 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:35:14.0521 4408 intelide - ok
11:35:14.0567 4408 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:35:14.0568 4408 intelppm - ok
11:35:14.0612 4408 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:35:14.0616 4408 IPBusEnum - ok
11:35:14.0700 4408 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:35:14.0717 4408 IpFilterDriver - ok
11:35:14.0791 4408 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:35:14.0829 4408 IPMIDRV - ok
11:35:14.0884 4408 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:35:14.0900 4408 IPNAT - ok
11:35:14.0991 4408 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:35:15.0002 4408 iPod Service - ok
11:35:15.0031 4408 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:35:15.0032 4408 IRENUM - ok
11:35:15.0051 4408 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:35:15.0065 4408 isapnp - ok
11:35:15.0087 4408 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:35:15.0107 4408 iScsiPrt - ok
11:35:15.0141 4408 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
11:35:15.0154 4408 kbdclass - ok
11:35:15.0188 4408 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:35:15.0201 4408 kbdhid - ok
11:35:15.0215 4408 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:35:15.0216 4408 KeyIso - ok
11:35:15.0271 4408 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:35:15.0274 4408 KSecDD - ok
11:35:15.0343 4408 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:35:15.0366 4408 KSecPkg - ok
11:35:15.0406 4408 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:35:15.0416 4408 ksthunk - ok
11:35:15.0451 4408 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:35:15.0470 4408 KtmRm - ok
11:35:15.0509 4408 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:35:15.0518 4408 LanmanServer - ok
11:35:15.0593 4408 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:35:15.0608 4408 LanmanWorkstation - ok
11:35:15.0673 4408 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:35:15.0675 4408 lltdio - ok
11:35:15.0820 4408 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:35:15.0852 4408 lltdsvc - ok
11:35:15.0872 4408 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:35:15.0874 4408 lmhosts - ok
11:35:15.0968 4408 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:35:15.0972 4408 LMS - ok
11:35:16.0024 4408 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:35:16.0040 4408 LSI_FC - ok
11:35:16.0059 4408 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:35:16.0075 4408 LSI_SAS - ok
11:35:16.0093 4408 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:35:16.0108 4408 LSI_SAS2 - ok
11:35:16.0129 4408 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:35:16.0145 4408 LSI_SCSI - ok
11:35:16.0180 4408 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:35:16.0182 4408 luafv - ok
11:35:16.0243 4408 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:35:16.0268 4408 Mcx2Svc - ok
11:35:16.0291 4408 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:35:16.0306 4408 megasas - ok
11:35:16.0331 4408 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:35:16.0360 4408 MegaSR - ok
11:35:16.0432 4408 [ 2279F71123307A0ABA5FF76C12CCAFDA ] MFWAMIDI64 C:\Windows\system32\drivers\MFWAMIDI64.sys
11:35:16.0449 4408 MFWAMIDI64 - ok
11:35:16.0469 4408 [ 31EB3F4FBDF3CBDB79AA4603D06228F3 ] MFWAWAVE64 C:\Windows\system32\drivers\MFWAWAVE64.sys
11:35:16.0483 4408 MFWAWAVE64 - ok
11:35:16.0515 4408 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:35:16.0519 4408 MMCSS - ok
11:35:16.0536 4408 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:35:16.0549 4408 Modem - ok
11:35:16.0601 4408 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:35:16.0602 4408 monitor - ok
11:35:16.0643 4408 [ EDFBAF34F55A5D0904D2E8F246A120AA ] motubus C:\Windows\system32\drivers\MotuBus64.sys
11:35:16.0656 4408 motubus - ok
11:35:16.0768 4408 [ C43F5DEB03521F13531C7A7C57896871 ] MotuFWA64 C:\Windows\system32\drivers\Motufwa64.sys
11:35:16.0805 4408 MotuFWA64 - ok
11:35:16.0854 4408 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:35:16.0871 4408 mouclass - ok
11:35:16.0912 4408 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:35:16.0914 4408 mouhid - ok
11:35:16.0958 4408 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:35:16.0970 4408 mountmgr - ok
11:35:16.0983 4408 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:35:17.0002 4408 mpio - ok
11:35:17.0033 4408 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:35:17.0048 4408 mpsdrv - ok
11:35:17.0087 4408 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:35:17.0103 4408 MRxDAV - ok
11:35:17.0180 4408 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:35:17.0183 4408 mrxsmb - ok
11:35:17.0233 4408 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:35:17.0237 4408 mrxsmb10 - ok
11:35:17.0261 4408 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:35:17.0263 4408 mrxsmb20 - ok
11:35:17.0296 4408 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:35:17.0309 4408 msahci - ok
11:35:17.0358 4408 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:35:17.0376 4408 msdsm - ok
11:35:17.0447 4408 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:35:17.0486 4408 MSDTC - ok
11:35:17.0512 4408 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:35:17.0522 4408 Msfs - ok
11:35:17.0554 4408 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:35:17.0556 4408 mshidkmdf - ok
11:35:17.0602 4408 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:35:17.0603 4408 msisadrv - ok
11:35:17.0639 4408 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:35:17.0654 4408 MSiSCSI - ok
11:35:17.0659 4408 msiserver - ok
11:35:17.0702 4408 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:35:17.0714 4408 MSKSSRV - ok
11:35:17.0745 4408 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:35:17.0757 4408 MSPCLOCK - ok
11:35:17.0767 4408 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:35:17.0778 4408 MSPQM - ok
11:35:17.0901 4408 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:35:17.0923 4408 MsRPC - ok
11:35:17.0959 4408 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:35:17.0960 4408 mssmbios - ok
11:35:17.0986 4408 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:35:17.0998 4408 MSTEE - ok
11:35:18.0512 4408 [ 0F4DD44765A7D23E0CD9965EE900558F ] msvsmon90 C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
11:35:18.0638 4408 msvsmon90 - ok
11:35:18.0683 4408 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:35:18.0715 4408 MTConfig - ok
11:35:18.0758 4408 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:35:18.0759 4408 Mup - ok
11:35:18.0928 4408 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:35:18.0952 4408 napagent - ok
11:35:19.0003 4408 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:35:19.0011 4408 NativeWifiP - ok
11:35:19.0274 4408 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:35:19.0302 4408 NDIS - ok
11:35:19.0329 4408 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:35:19.0341 4408 NdisCap - ok
11:35:19.0387 4408 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:35:19.0411 4408 NdisTapi - ok
11:35:19.0444 4408 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:35:19.0444 4408 Ndisuio - ok
11:35:19.0541 4408 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:35:19.0559 4408 NdisWan - ok
11:35:19.0608 4408 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:35:19.0636 4408 NDProxy - ok
11:35:19.0692 4408 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:35:19.0707 4408 NetBIOS - ok
11:35:19.0758 4408 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:35:19.0773 4408 NetBT - ok
11:35:19.0791 4408 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:35:19.0793 4408 Netlogon - ok
11:35:19.0923 4408 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:35:19.0942 4408 Netman - ok
11:35:20.0004 4408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:20.0054 4408 NetMsmqActivator - ok
11:35:20.0063 4408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:20.0066 4408 NetPipeActivator - ok
11:35:20.0216 4408 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:35:20.0241 4408 netprofm - ok
11:35:20.0249 4408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:20.0251 4408 NetTcpActivator - ok
11:35:20.0259 4408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:20.0261 4408 NetTcpPortSharing - ok
11:35:20.0310 4408 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:35:20.0346 4408 nfrd960 - ok
11:35:20.0503 4408 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:35:20.0527 4408 NlaSvc - ok
11:35:20.0568 4408 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:35:20.0582 4408 Npfs - ok
11:35:20.0624 4408 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:35:20.0641 4408 nsi - ok
11:35:20.0676 4408 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:35:20.0678 4408 nsiproxy - ok
11:35:21.0109 4408 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:35:21.0141 4408 Ntfs - ok
11:35:21.0161 4408 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:35:21.0195 4408 Null - ok
11:35:21.0243 4408 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:35:21.0261 4408 nvraid - ok
11:35:21.0279 4408 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:35:21.0293 4408 nvstor - ok
11:35:21.0329 4408 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:35:21.0350 4408 nv_agp - ok
11:35:21.0389 4408 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:35:21.0418 4408 ohci1394 - ok
11:35:21.0503 4408 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:35:21.0526 4408 ose64 - ok
11:35:22.0605 4408 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:35:22.0734 4408 osppsvc - ok
11:35:22.0783 4408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:35:22.0808 4408 p2pimsvc - ok
11:35:22.0983 4408 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:35:23.0007 4408 p2psvc - ok
11:35:23.0039 4408 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:35:23.0055 4408 Parport - ok
11:35:23.0109 4408 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:35:23.0129 4408 partmgr - ok
11:35:23.0156 4408 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:35:23.0162 4408 PcaSvc - ok
11:35:23.0228 4408 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
11:35:23.0260 4408 pccsmcfd - ok
11:35:23.0287 4408 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:35:23.0290 4408 pci - ok
11:35:23.0319 4408 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:35:23.0330 4408 pciide - ok
11:35:23.0353 4408 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:35:23.0370 4408 pcmcia - ok
11:35:23.0384 4408 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:35:23.0385 4408 pcw - ok
11:35:23.0571 4408 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:35:23.0581 4408 PEAUTH - ok
11:35:24.0622 4408 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:35:24.0640 4408 PerfHost - ok
11:35:25.0087 4408 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:35:25.0121 4408 pla - ok
11:35:25.0198 4408 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:35:25.0209 4408 PlugPlay - ok
11:35:25.0383 4408 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
11:35:25.0424 4408 PMBDeviceInfoProvider - ok
11:35:25.0462 4408 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:35:25.0466 4408 PNRPAutoReg - ok
11:35:25.0496 4408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:35:25.0501 4408 PNRPsvc - ok
11:35:25.0568 4408 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:35:25.0591 4408 PolicyAgent - ok
11:35:25.0686 4408 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:35:25.0701 4408 Power - ok
11:35:25.0761 4408 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:35:25.0776 4408 PptpMiniport - ok
11:35:25.0834 4408 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:35:25.0864 4408 Processor - ok
11:35:25.0966 4408 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:35:25.0984 4408 ProfSvc - ok
11:35:26.0002 4408 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:35:26.0004 4408 ProtectedStorage - ok
11:35:26.0069 4408 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:35:26.0071 4408 Psched - ok
11:35:26.0408 4408 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:35:26.0475 4408 ql2300 - ok
11:35:26.0520 4408 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:35:26.0561 4408 ql40xx - ok
11:35:26.0600 4408 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:35:26.0607 4408 QWAVE - ok
11:35:26.0618 4408 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:35:26.0621 4408 QWAVEdrv - ok
11:35:26.0676 4408 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:35:26.0710 4408 RasAcd - ok
11:35:26.0757 4408 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:35:26.0772 4408 RasAgileVpn - ok
11:35:26.0791 4408 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:35:26.0795 4408 RasAuto - ok
11:35:26.0840 4408 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:35:26.0851 4408 Rasl2tp - ok
11:35:26.0956 4408 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:35:26.0970 4408 RasMan - ok
11:35:27.0000 4408 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:35:27.0016 4408 RasPppoe - ok
11:35:27.0045 4408 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:35:27.0060 4408 RasSstp - ok
11:35:27.0164 4408 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:35:27.0185 4408 rdbss - ok
11:35:27.0212 4408 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:35:27.0235 4408 rdpbus - ok
11:35:27.0258 4408 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
 
11:35:27.0259 4408 RDPCDD - ok
11:35:27.0287 4408 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:35:27.0289 4408 RDPENCDD - ok
11:35:27.0308 4408 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:35:27.0310 4408 RDPREFMP - ok
11:35:27.0389 4408 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:35:27.0415 4408 RDPWD - ok
11:35:27.0472 4408 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:35:27.0482 4408 rdyboost - ok
11:35:27.0520 4408 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:35:27.0531 4408 RemoteAccess - ok
11:35:27.0605 4408 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:35:27.0620 4408 RemoteRegistry - ok
11:35:27.0693 4408 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:35:27.0720 4408 RFCOMM - ok
11:35:27.0793 4408 [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci C:\Windows\system32\drivers\rimssne64.sys
11:35:27.0809 4408 rimspci - ok
11:35:27.0837 4408 [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
11:35:27.0850 4408 risdsnpe - ok
11:35:27.0864 4408 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:35:27.0868 4408 RpcEptMapper - ok
11:35:27.0897 4408 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:35:27.0900 4408 RpcLocator - ok
11:35:28.0060 4408 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:35:28.0069 4408 RpcSs - ok
11:35:28.0107 4408 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:35:28.0110 4408 rspndr - ok
11:35:28.0162 4408 [ 4E821C740A675F6D040BE41D59A62B1D ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
11:35:28.0180 4408 RTHDMIAzAudService - ok
11:35:28.0257 4408 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:35:28.0259 4408 SamSs - ok
11:35:28.0304 4408 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:35:28.0321 4408 sbp2port - ok
11:35:28.0349 4408 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:35:28.0355 4408 SCardSvr - ok
11:35:28.0394 4408 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:35:28.0395 4408 scfilter - ok
11:35:28.0566 4408 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:35:28.0591 4408 Schedule - ok
11:35:28.0656 4408 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:35:28.0657 4408 SCPolicySvc - ok
11:35:28.0708 4408 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
11:35:28.0742 4408 sdbus - ok
11:35:28.0820 4408 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:35:28.0845 4408 SDRSVC - ok
11:35:28.0888 4408 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:35:28.0890 4408 secdrv - ok
11:35:28.0936 4408 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:35:28.0939 4408 seclogon - ok
11:35:28.0970 4408 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:35:28.0985 4408 SENS - ok
11:35:29.0018 4408 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:35:29.0021 4408 SensrSvc - ok
11:35:29.0048 4408 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
11:35:29.0060 4408 Serenum - ok
11:35:29.0088 4408 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
11:35:29.0103 4408 Serial - ok
11:35:29.0115 4408 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:35:29.0127 4408 sermouse - ok
11:35:29.0376 4408 [ E802089FEC30A95FDFD218995308F9B3 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:35:29.0399 4408 ServiceLayer - ok
11:35:29.0456 4408 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:35:29.0463 4408 SessionEnv - ok
11:35:29.0500 4408 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\drivers\SFEP.sys
11:35:29.0512 4408 SFEP - ok
11:35:29.0546 4408 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:35:29.0558 4408 sffdisk - ok
11:35:29.0611 4408 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:35:29.0641 4408 sffp_mmc - ok
11:35:29.0662 4408 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:35:29.0673 4408 sffp_sd - ok
11:35:29.0721 4408 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:35:29.0735 4408 sfloppy - ok
11:35:29.0857 4408 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:35:29.0875 4408 ShellHWDetection - ok
11:35:29.0892 4408 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:35:29.0908 4408 SiSRaid2 - ok
11:35:29.0913 4408 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:35:29.0925 4408 SiSRaid4 - ok
11:35:30.0064 4408 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:35:30.0066 4408 SkypeUpdate - ok
11:35:30.0111 4408 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:35:30.0127 4408 Smb - ok
11:35:30.0173 4408 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:35:30.0177 4408 SNMPTRAP - ok
11:35:30.0381 4408 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
11:35:30.0404 4408 SOHCImp - ok
11:35:30.0431 4408 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
11:35:30.0434 4408 SOHDBSvr - ok
11:35:30.0474 4408 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
11:35:30.0484 4408 SOHDms - ok
11:35:30.0499 4408 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
11:35:30.0502 4408 SOHDs - ok
11:35:30.0523 4408 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
11:35:30.0535 4408 SOHPlMgr - ok
11:35:30.0578 4408 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:35:30.0579 4408 spldr - ok
11:35:30.0739 4408 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:35:30.0748 4408 Spooler - ok
11:35:31.0604 4408 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:35:31.0701 4408 sppsvc - ok
11:35:31.0768 4408 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:35:31.0785 4408 sppuinotify - ok
11:35:31.0950 4408 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:35:31.0955 4408 srv - ok
11:35:32.0064 4408 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:35:32.0070 4408 srv2 - ok
11:35:32.0138 4408 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:35:32.0141 4408 srvnet - ok
11:35:32.0255 4408 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:35:32.0280 4408 SSDPSRV - ok
11:35:32.0344 4408 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
11:35:32.0345 4408 SSPORT - ok
11:35:32.0439 4408 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:35:32.0462 4408 SstpSvc - ok
11:35:32.0506 4408 Steam Client Service - ok
11:35:32.0556 4408 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:35:32.0573 4408 stexstor - ok
11:35:32.0755 4408 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:35:32.0783 4408 stisvc - ok
11:35:32.0880 4408 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:35:32.0897 4408 swenum - ok
11:35:33.0046 4408 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:35:33.0070 4408 swprv - ok
11:35:33.0223 4408 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:35:33.0252 4408 SysMain - ok
11:35:33.0294 4408 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:35:33.0318 4408 TabletInputService - ok
11:35:33.0361 4408 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:35:33.0371 4408 TapiSrv - ok
11:35:33.0405 4408 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:35:33.0407 4408 TBS - ok
11:35:33.0575 4408 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:35:33.0592 4408 Tcpip - ok
11:35:33.0628 4408 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:35:33.0640 4408 TCPIP6 - ok
11:35:33.0695 4408 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:35:33.0696 4408 tcpipreg - ok
11:35:33.0762 4408 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:35:33.0796 4408 TDPIPE - ok
11:35:33.0826 4408 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:35:33.0836 4408 TDTCP - ok
11:35:33.0912 4408 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:35:33.0922 4408 tdx - ok
11:35:33.0963 4408 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:35:33.0972 4408 TermDD - ok
11:35:34.0161 4408 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:35:34.0182 4408 TermService - ok
11:35:34.0224 4408 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:35:34.0246 4408 Themes - ok
11:35:34.0287 4408 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:35:34.0290 4408 THREADORDER - ok
11:35:34.0307 4408 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:35:34.0332 4408 TrkWks - ok
11:35:34.0409 4408 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:35:34.0433 4408 TrustedInstaller - ok
11:35:34.0466 4408 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:34.0468 4408 tssecsrv - ok
11:35:34.0558 4408 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:35:34.0577 4408 TsUsbFlt - ok
11:35:34.0632 4408 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:35:34.0641 4408 tunnel - ok
11:35:34.0696 4408 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:35:34.0731 4408 uagp35 - ok
11:35:34.0786 4408 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe
11:35:34.0789 4408 uCamMonitor - ok
11:35:34.0912 4408 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:35:34.0930 4408 udfs - ok
11:35:34.0973 4408 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:35:34.0988 4408 UI0Detect - ok
11:35:35.0027 4408 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:35:35.0043 4408 uliagpkx - ok
11:35:35.0090 4408 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:35:35.0103 4408 umbus - ok
11:35:35.0138 4408 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:35:35.0165 4408 UmPass - ok
11:35:35.0876 4408 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:35:36.0056 4408 UNS - ok
11:35:36.0228 4408 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:35:36.0244 4408 upnphost - ok
11:35:36.0305 4408 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:35:36.0307 4408 USBAAPL64 - ok
11:35:36.0345 4408 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:36.0360 4408 usbccgp - ok
11:35:36.0438 4408 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:35:36.0580 4408 usbcir - ok
11:35:36.0678 4408 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:35:36.0718 4408 usbehci - ok
11:35:36.0903 4408 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:35:36.0923 4408 usbhub - ok
11:35:36.0962 4408 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:35:37.0001 4408 usbohci - ok
11:35:37.0107 4408 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:35:37.0125 4408 usbprint - ok
11:35:37.0219 4408 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:35:37.0276 4408 usbscan - ok
11:35:37.0426 4408 [ 0F0C72A657C622286013788B886968AD ] usbser C:\Windows\system32\drivers\usbser.sys
11:35:37.0453 4408 usbser - ok
11:35:37.0516 4408 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:35:37.0518 4408 USBSTOR - ok
11:35:37.0542 4408 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:35:37.0561 4408 usbuhci - ok
11:35:37.0678 4408 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:35:37.0730 4408 usbvideo - ok
11:35:37.0760 4408 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:35:37.0764 4408 UxSms - ok
11:35:37.0861 4408 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
11:35:37.0877 4408 VAIO Entertainment TV Device Arbitration Service - ok
11:35:38.0055 4408 [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
11:35:38.0058 4408 VAIO Event Service - ok
11:35:38.0392 4408 [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
11:35:38.0399 4408 VAIO Power Management - ok
11:35:38.0431 4408 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:35:38.0432 4408 VaultSvc - ok
11:35:38.0687 4408 [ 6A740F5FF3246C3BE3DD317299EFC88E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
11:35:38.0696 4408 VCFw - ok
11:35:38.0789 4408 [ 10E212BFB7EAB152A64C1AAEC2F7F4E0 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
11:35:38.0797 4408 VcmIAlzMgr - ok
11:35:38.0907 4408 [ 9D9B34B430B4DC683112F59C80D20AB8 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
11:35:38.0929 4408 VcmINSMgr - ok
11:35:39.0094 4408 [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
11:35:39.0109 4408 VcmXmlIfHelper - ok
11:35:39.0215 4408 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
11:35:39.0225 4408 VCService - ok
11:35:39.0268 4408 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:35:39.0269 4408 vdrvroot - ok
11:35:39.0366 4408 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:35:39.0402 4408 vds - ok
11:35:39.0477 4408 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:35:39.0490 4408 vga - ok
11:35:39.0574 4408 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:35:39.0599 4408 VgaSave - ok
11:35:39.0664 4408 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:35:39.0732 4408 vhdmp - ok
11:35:39.0799 4408 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:35:39.0825 4408 viaide - ok
11:35:39.0857 4408 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:35:39.0874 4408 volmgr - ok
11:35:39.0959 4408 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:35:39.0976 4408 volmgrx - ok
11:35:40.0061 4408 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:35:40.0080 4408 volsnap - ok
11:35:40.0180 4408 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:35:40.0244 4408 vsmraid - ok
11:35:40.0590 4408 [ 33655F6B36AA8702960AB1568ED82A01 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
11:35:40.0600 4408 VSNService - ok
11:35:41.0002 4408 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:35:41.0043 4408 VSS - ok
11:35:41.0574 4408 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
11:35:41.0609 4408 VUAgent - ok
11:35:41.0658 4408 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:35:41.0681 4408 vwifibus - ok
11:35:41.0794 4408 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:35:41.0834 4408 vwififlt - ok
11:35:41.0918 4408 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
11:35:41.0921 4408 VzCdbSvc - ok
11:35:42.0077 4408 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:35:42.0091 4408 W32Time - ok
11:35:42.0126 4408 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:35:42.0157 4408 WacomPen - ok
11:35:42.0465 4408 [ C8E546516E0BF477DB2AFC46B1065786 ] wampapache c:\wamp\bin\apache\apache2.4.2\bin\httpd.exe
11:35:42.0497 4408 wampapache - ok
11:35:42.0715 4408 wampmysqld - ok
11:35:42.0847 4408 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:35:42.0864 4408 WANARP - ok
11:35:42.0880 4408 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:35:42.0881 4408 Wanarpv6 - ok
11:35:43.0259 4408 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:35:44.0146 4408 WatAdminSvc - ok
11:35:44.0511 4408 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:35:44.0558 4408 wbengine - ok
11:35:44.0614 4408 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:35:44.0638 4408 WbioSrvc - ok
11:35:44.0784 4408 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:35:44.0808 4408 wcncsvc - ok
11:35:44.0836 4408 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:35:44.0855 4408 WcsPlugInService - ok
11:35:44.0930 4408 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:35:44.0959 4408 Wd - ok
11:35:45.0148 4408 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:35:45.0170 4408 Wdf01000 - ok
11:35:45.0205 4408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:35:45.0219 4408 WdiServiceHost - ok
11:35:45.0233 4408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:35:45.0235 4408 WdiSystemHost - ok
11:35:45.0331 4408 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:35:45.0346 4408 WebClient - ok
11:35:45.0429 4408 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:35:45.0447 4408 Wecsvc - ok
11:35:45.0498 4408 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:35:45.0523 4408 wercplsupport - ok
11:35:45.0650 4408 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:35:45.0666 4408 WerSvc - ok
11:35:45.0818 4408 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:35:45.0843 4408 WfpLwf - ok
11:35:45.0907 4408 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:35:45.0934 4408 WIMMount - ok
11:35:45.0967 4408 WinHttpAutoProxySvc - ok
11:35:46.0291 4408 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:35:46.0316 4408 Winmgmt - ok
11:35:46.0864 4408 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:35:46.0910 4408 WinRM - ok
11:35:47.0027 4408 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:35:47.0029 4408 WinUsb - ok
11:35:47.0289 4408 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:35:47.0321 4408 Wlansvc - ok
11:35:48.0057 4408 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:35:48.0082 4408 wlidsvc - ok
11:35:48.0154 4408 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:35:48.0179 4408 WmiAcpi - ok
11:35:48.0210 4408 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:35:48.0216 4408 wmiApSrv - ok
11:35:48.0256 4408 WMPNetworkSvc - ok
11:35:48.0289 4408 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:35:48.0296 4408 WPCSvc - ok
11:35:48.0375 4408 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:35:48.0383 4408 WPDBusEnum - ok
11:35:48.0444 4408 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:35:48.0567 4408 ws2ifsl - ok
11:35:48.0575 4408 WSearch - ok
11:35:48.0641 4408 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:35:48.0642 4408 WudfPf - ok
11:35:48.0705 4408 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:35:48.0709 4408 WUDFRd - ok
11:35:48.0764 4408 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:35:48.0776 4408 wudfsvc - ok
11:35:48.0838 4408 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:35:48.0857 4408 WwanSvc - ok
11:35:49.0107 4408 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
11:35:49.0112 4408 yukonw7 - ok
11:35:49.0172 4408 ================ Scan global ===============================
11:35:49.0219 4408 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:35:49.0304 4408 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:35:49.0319 4408 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
11:35:49.0409 4408 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:35:49.0457 4408 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:35:49.0463 4408 [Global] - ok
11:35:49.0464 4408 ================ Scan MBR ==================================
11:35:49.0516 4408 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:35:50.0842 4408 \Device\Harddisk0\DR0 - ok
11:35:50.0850 4408 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
11:35:53.0848 4408 \Device\Harddisk3\DR3 - ok
11:35:53.0849 4408 ================ Scan VBR ==================================
11:35:53.0857 4408 [ 9D5C8F9ABF4FF5542CA0EBEC69FD33E5 ] \Device\Harddisk0\DR0\Partition1
11:35:53.0859 4408 \Device\Harddisk0\DR0\Partition1 - ok
11:35:53.0866 4408 [ 92B61990C332BD0FC5F11945E325E1AD ] \Device\Harddisk0\DR0\Partition2
11:35:53.0868 4408 \Device\Harddisk0\DR0\Partition2 - ok
11:35:53.0872 4408 [ 219053ABBB45D8AF753CFD45160B00F8 ] \Device\Harddisk3\DR3\Partition1
11:35:53.0873 4408 \Device\Harddisk3\DR3\Partition1 - ok
11:35:53.0874 4408 ============================================================
11:35:53.0874 4408 Scan finished
11:35:53.0874 4408 ============================================================
11:35:53.0883 4132 Detected object count: 0
11:35:53.0883 4132 Actual detected object count: 0
 
FRST fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2012
Ran by Système at 2012-11-04 11:30:15 Run:1
Running from G:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows No ZeroAccess entry found.
C:\Windows\System32\consrv.dll not found.
C:\Windows\Installer\{02de92b9-9b7a-884b-2337-8fdf28b2bcc5} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====
 
RogueKiller report
RogueKiller V8.2.2 [03/11/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Website: http://www.sur-la-toile.com/RogueKiller/
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Tom [Droits d'admin]
Mode : Suppression -- Date : 04/11/2012 11:40:41
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 9 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (etuproxy.enpc.fr:3128) -> NON SUPPRIMÉ, UTILISER PROXY RAZ
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REMPLACÉ (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM500JI +++++
--- User ---
[MBR] 4d0ac2531b6a33798f3a645818d8d62a
[BSP] ec2e2f58161b32af0d8d2a037c05477c : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10748 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 22013952 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22218752 | Size: 466090 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive3: USB Flash Disk USB Device +++++
--- User ---
[MBR] db3b9e0ccb21c8d30844cb95e1fe5470
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 568 | Size: 1911 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[2]_D_04112012_114041.txt >>
RKreport[1]_S_04112012_113936.txt ; RKreport[2]_D_04112012_114041.txt
 
Malwarebytes Anti-Malware (Essai) 1.65.1.1000
www.malwarebytes.org
Version de la base de données: v2012.11.04.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tom :: ORDINATEUR [administrateur]
Protection: Désactivé
04/11/2012 11:44:45
mbam-log-2012-11-04 (11-44-45).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 206571
Temps écoulé: 9 minute(s), 22 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
 
This topic is marked as abandoned and closed due to inactivity.
This member will NOT be eligible to receive any more help in malware removal forum.
 
Status
Not open for further replies.

Similar threads

M
Inactive win64/Patched.A in services.exe
Replies
16
Views
4K
Broni
Broni
S
Solved Deleting Win64/patched.a
2
Replies
32
Views
6K
Broni
Broni
J
  • Locked
Solved luhe.Sirefef.a win64/patched.a in services.exe
Replies
22
Views
4K
Jay Pfoutz
Jay Pfoutz

Latest posts

Back